This is a preparation patch to improve the module auto-load infrastructure.

We need this patch to have more control on module auto-load operations. The operation by default is allowed unless enduser or the calling code requests that we need to perform further permission checks.

With this change subsystems will be able to decide if module auto-load feature first will have to do a capability check and load the module if the permission check succeeds or deny the operation.

As an example "netdev-%s" modules, they are allowed to be loaded if CAP_NET_ADMIN is set. Therefore, in order to not break this assumption, and allow userspace to load "netdev-%s" modules with CAP_NET_ADMIN, we have added:

request_module_cap(required_cap, prefix, fmt...)

This new function will take:
'@required_cap': Required capability to load the module
'@prefix': The module prefix if any, otherwise NULL
'@fmt': printf style format string for the name of the module with its arguments if any

ex: request_module_cap(CAP_NET_ADMIN, "netdev", "%s", mod);

After a discussion with Rusty Russell [1], the suggestion was to pass the capability from request_module() to security_kernel_module_request() for 'netdev-%s' modules that need CAP_NET_ADMIN, and after review from Kees Cook [2] and experimenting with the code, the patch now does the following:

* Adds the request_module_cap() function.
* Updates the __request_module() to take the "required_cap" argument with the "prefix".

This patch also updates SELinux which is currently the only user of security_kernel_module_request(), the security hook now accepts 'required_cap' and 'prefix' as arguments.
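
A user-space model of the request_module_cap() contract described in the message above, added here as an illustration; it is not code from the patch or the kernel. The `model_` names, the bitmask standing in for the caller's capabilities, the `-1` "no check requested" value, and the order of name building and capability check are all assumptions.

```c
/* User-space model of request_module_cap(required_cap, prefix, fmt...).
 * Not kernel code: the caller's capabilities are a plain bitmask. */
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define MODEL_CAP_NET_ADMIN 12   /* value of CAP_NET_ADMIN in linux/capability.h */
#define MODEL_CAP_NONE (-1)      /* assumption: caller requested no extra check */

/* Build "<prefix>-<formatted name>" (or only the formatted name when prefix
 * is NULL), then apply the capability gate. Returns 0 when the load would be
 * attempted, -EPERM when denied, -ENAMETOOLONG when the name does not fit. */
int model_request_module_cap(unsigned long long held_caps, int required_cap,
                             const char *prefix, char *out, size_t outlen,
                             const char *fmt, ...)
{
    va_list ap;
    int off = 0, n;

    if (prefix) {
        off = snprintf(out, outlen, "%s-", prefix);
        if (off < 0 || (size_t)off >= outlen)
            return -ENAMETOOLONG;
    }
    va_start(ap, fmt);
    n = vsnprintf(out + off, outlen - off, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= outlen - off)
        return -ENAMETOOLONG;   /* refuse a truncated module name */

    /* Default is allow; deny only when a required capability is missing. */
    if (required_cap != MODEL_CAP_NONE &&
        !(held_caps & (1ULL << required_cap)))
        return -EPERM;
    return 0;
}

int main(void)
{
    char name[64];   /* constructed buffer size for the demo */
    int rc = model_request_module_cap(1ULL << MODEL_CAP_NET_ADMIN,
                                      MODEL_CAP_NET_ADMIN, "netdev",
                                      name, sizeof(name), "%s", "eth0");
    printf("%s -> %d\n", name, rc);
    return rc ? 1 : 0;
}
```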